CVE-2022-25229

{"id": "CVE-2022-25229", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2022-05-20T11:15:07.427", "references": [{"url": "https://fluidattacks.com/advisories/bowie/", "tags": ["Exploit", "Third Party Advisory"], "source": "help@fluidattacks.com"}, {"url": "https://github.com/popcorn-official/popcorn-desktop/issues/2491", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "help@fluidattacks.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands."}, {"lang": "es", "value": "Popcorn Time versi\u00f3n 0.4.7, presenta un ataque de tipo XSS almacenado en el campo \"Movies API Server(s)'' por medio de la p\u00e1gina \"settings\". La configuraci\u00f3n \"nodeIntegration\" est\u00e1 habilitada, lo que permite a la p\u00e1gina web usar las caracter\u00edsticas de \"NodeJs\", un atacante puede aprovechar esto para ejecutar comandos del Sistema Operativo"}], "lastModified": "2022-05-31T14:30:54.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:popcorn_time_project:popcorn_time:0.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AAA5CD1-1B05-4450-861B-DDC97756C505"}], "operator": "OR"}]}], "sourceIdentifier": "help@fluidattacks.com"}